If you do anything with Identity, you’ll know you need certificates — lots of them — and that normally means self-signed to keep the costs down or because you just need it for a short time before you tear down the VM or because you don’t have a PKI infrastructure.
This is for testing, proofs of concept etc. This is definitely not for Production purposes. Use at your own risk.
This self-signed certificate also needs a private key otherwise it’s pretty useless for SSL, token signing etc.
Remember that this won’t be signed by a CA so you need to do this to stop the browser complaining once you’ve generated the certificates.
Note: The “ character displayed by Medium does something funny when you cut and paste and run the command. You need to retype it as a “straight” character.